Port Contention for Fun and Profit

Aldaya, Alejandro Cabrera; Brumley, Billy Bob; Hassan, Sohaib ul; García, Cesar Pereida; Tuveri, Nicola

doi:10.1109/sp.2019.00066

Cited by 97 publications

(65 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a result, practitioners use slower codes to improve security-e.g., S-box or bitslice AES [36] and montgomery ladder exponentiation for RSA. 10 Our OISA provides a basis for running high-performance cryptography securely. To demonstrate the benefit, we compare the performance of T-table AES [35] (high performance, low security) vs. bitslice AES [36] (low performance, high security).…”

Section: )mentioning

confidence: 99%

“…These attacks exploit how victim and adversarial programs share hardware/virtual resources on shared remote servers (e.g., an amazon EC2 cloud). Simply by co-locating to the same platform, researchers have shown how attackers can learn victim program secrets through the victim's virtual memory accesses [2], [3], hardware memory accesses [4], [5], branch predictor usage [6], [7], arithmetic pipeline usage [8], [9], [10], speculative execution [11], [12] and more. Given the many avenues to launch an attack, it is paramount for researchers to explore holistic and efficient defensive strategies.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Data Oblivious ISA Extensions for Side Channel-Resistant and High Performance Computing

Hsiung²,

El'Hajj³

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Blocking microarchitectural (digital) side channels is one of the most pressing challenges in hardware security today. Recently, there has been a surge of effort that attempts to block these leakages by writing programs data obliviously. In this model, programs are written to avoid placing sensitive data-dependent pressure on shared resources. Despite recent efforts, however, running data oblivious programs on modern machines today is insecure and low performance. First, writing programs obliviously assumes certain instructions in today's ISAs will not leak privacy, whereas today's ISAs and hardware provide no such guarantees. Second, writing programs to avoid data-dependent behavior is inherently high performance overhead. This paper tackles both the security and performance aspects of this problem by proposing a Data Oblivious ISA extension (OISA). On the security side, we present ISA design principles to block microarchitectural side channels, and embody these ideas in a concrete ISA capable of safely executing existing data oblivious programs. On the performance side, we design the OISA with support for efficient memory oblivious computation, and with safety features that allow modern hardware optimizations, e.g., out-of-order speculative execution, to remain enabled in the common case. We provide a complete hardware prototype of our ideas, built on top of the RISC-V out-of-order, speculative BOOM processor, and prove that the OISA can provide the advertised security through a formal analysis of an abstract BOOM-style machine. We evaluate area overhead of hardware mechanisms needed to support our prototype, and provide performance experiments showing how the OISA speeds up a variety of existing data oblivious codes (including "constant time" cryptography and memory oblivious data structures), in addition to improving their security and portability.

show abstract

Section: )mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Data Oblivious ISA Extensions for Side Channel-Resistant and High Performance Computing

Hsiung²,

El'Hajj³

et al. 2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Interestingly, during our analysis we also found new sources of leakage, including some that we cannot easily associate with a single component. By focusing exclusively on contention-based side channels, ABSynthe can treat the target CPU microarchitecture and its components as black boxes, while synthesizing side channels that are stealthy [10,11], that are easy to regenerate across different architectures, and that may even combine multiple microarchitectural components to boost the signal and outperform state-of-the-art side-channel attacks.…”

Section: Introductionmentioning

confidence: 99%

“…While attacks on CPU caches are the most common, attackers may equally target other microarchitectural components, including cache directories [6], TLBs [7], and branch predictors [9]. Some recent efforts, such as PortSmash [10] and SMoTherSpectre [11], show that one can also leak secret information by crafting contentionbased attacks that exploit contention on execution ports. The high-level strategy in contention-based attacks is to replace the active evictions of prior efforts with passive monitoring, which also vastly improves the stealthiness of the attack [10].…”

Section: Introductionmentioning

confidence: 99%

“…Some recent efforts, such as PortSmash [10] and SMoTherSpectre [11], show that one can also leak secret information by crafting contentionbased attacks that exploit contention on execution ports. The high-level strategy in contention-based attacks is to replace the active evictions of prior efforts with passive monitoring, which also vastly improves the stealthiness of the attack [10]. However, these efforts still rely on exploitation primitives specific to a particular microarchitectural component, in particular execution ports.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation